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AMENDMENTS TO THE CLAIMS 

1 1 . (Previously Presented) A method of modifying a subscription of a subscriber to one 

2 or more telecommunications services based on subscriber information and service 

3 information that are stored in a directory repository, the method comprising the 

4 computer-implemented steps of: 

5 determining whether the subscriber is currently logged in, and if the subscriber is not 

6 currently logged in, directing the subscriber to log in through an 

7 authentication server and generating, by an authorization service, a privilege 

8 token associated with the authenticated subscriber that includes subscriber 

9 privilege information, wherein said authorization service is separate from said 

1 0 authentication server; 

1 1 receiving a modification request to modify the subscription of the subscriber to the 

1 2 one or more telecommunication services; 

13 determining, based on subscriber privilege information in the privilege token 

1 4 associated with the subscriber generated by the authorization service, whether 

1 5 the subscriber has privileges sufficient to cairy out the requested modification; 

1 6 if the subscriber is determined to have sufficient privileges, then performing the steps 

17 of: 

1 8 receiving, from the directory repository, first subscriber information and first 

1 9 service information representing only such services for which the 

20 subscriber is then currently subscribed; 

2 1 modifying the first subscriber information and first service information to 

22 reflect the modification; 

23 sending the modified information to the directory repository, resulting in 

24 creating and storing, in the directory repository, second service 

25 information that reflects the modification; 

26 generating an engagement request to engage the telecommunications service 

27 for the subscriber in order to fulfill the modification request. 
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1 2. (Previously Presented) A method as recited in Claim 1 , wherein the authorization 

2 service generates the privilege token by the steps of: 

3 receiving a user name associated with the subscriber and mapping the user name to a 

4 distinguished name in the directory repository; 

5 creating and storing a$ subscriber privilege information in the privilege token one or 

6 more roles occupied by the subscriber based on role information that is stored 

7 in the directory repository, said stored role information including mapping 

8 information that maps a role to one or more privileges that specify which 

9 telecommunications services a subscriber having that role can subscribe to. 

1 3 . (Previously Presented) A method as recited in Claim 1 , wherein the step of 

2 determining whether the subscriber is currently logged in comprises determining 

3 whether a host object that uniquely identifies the subscriber exists, and wherein the 

4 privilege token associated with the subscriber is stored with the host object that 

5 uniquely identifies the subscriber. 

1 4. (Previously Presented) A method as recited in Claim 1, wherein the step of generating 

2 an engagement request comprises the steps of subscribing the subscriber to the 

3 service by creating and storing a relation of a subscriber object that programmatically 

4 represents the subscriber to a service object that programmatically represents the 

5 service, and creating and storing one or more attribute values in the relation, wherein 

6 the attribute values define the subscription. 

1 5 . (Currently Amended) A method of modifying subscriptions of a group of subscribers 

2 to one or more telecommunications services based on subscriber information m4 

3 s e rvic e information that arc stored in a directory repository, the method comprising 

4 the computer-implemented steps of: 



receiving from an administrator of the group, a request to modify the subscriptions of 
the group of subscribers to the one or more telecommunications services: 
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7 determining, based on subscriber privilege information in a privilege token that is 

8 associated with the administrator and is generated by an authorization service, 

9 whether the administrator has privileges sufficient to carry out the requested 

10 modification; 

1 1 if the administrator is determined to have sufficient privileges,, then performing the 

12 steps of: 

1 3 receiving, from the directory repository, current subscriber information and 

1 4 current service information representing then-current services to which 

1 5 the group of subscribers are subscribed; 

1 6 modifying the subscriber information and fee service information to reflect the 

17 modifications, resulting in creating and storing, in the directory 

1 8 repository, updated service information that reflects the modifications; 

1 9 generating one or more requests to subscribe fee a telecommunications service 

20 to the group of subscribers to fulfill the request of the administrator. , 

1 6. (Original) A method as recited in Claim 5, wherein the group of subscribers is 

2 defined explicitly by creating and storing a named group that contains one or more 

3 subscribers as group members. 

1 7. (Original) A method as recited in Claim 5, wherein the group of subscribers is 

2 defined implicitly such that the group comprises one or more subscribers in an object 

3 tree of the directory repository who are subordinate in the tree to a container node of 

4 the tree. 

1 8, (Currently Amended) A method as recited in Claim 5, further comprising the steps of 

2 subscribing one of the subscribers in the group to the telecommunications service by 

3 creating and storing a relation of a subscriber object that programmatically represents 

4 the subscriber to a service object that programmatically represents the 

5 tftl ftmmm unications service, and creating and storing one or more attribute values in 

6 the relation, wherein the attribute values define the subscription. 
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1 9. (Previously Presented) A method of automatically logging in a subscriber to all 

2 telecommunications services subscribed to by the subscriber based on subscriber 

3 information and service information that are stored in a directory repository, the 

4 method comprising the computer-implemented steps of: 

5 receiving a request from the subscriber to log in to the telecommunications services; 

6 authenticating the subscriber by an authentication server; 

7 generating a privilege token associated with the subscriber by an authorization 

8 service, said privilege token including subscriber privilege information, 

9 wherein said authorization service is separate from said authentication server; 

10 determining whether the subscriber is allowed to automatically log into the 

1 1 telecommunication services, said determination based on subscriber privilege 

12 information in the privilege token associated with the subscriber; 

13 if the subscriber is allowed to automatically log into the telecommunications services, 
H receiving, from the directory repository, a list of all services for which the 

1 5 subscriber is then currently subscribed, and automatically logging the 

1 6 subscriber into all services identified in the list. 

1 1 0. (Original) A method as recited in Claim 9, wherein automatically logging the 

2 subscriber into all services identified in the list comprises the steps of: 

3 for each of the services identified in the list: 

4 obtaining service information that describes the services from the directory 

5 repository; 

6 creating and storing a relation between a service object in the directory 

7 repository that uniquely identifies and represents each of the services 

8 and privileges of the subscriber, and a subscriber object that uniquely 

9 represents the subscriber. 

1 11. (Original) A method as recited in Claim 10, further comprising the steps of storing 

2 the privilege token in a service selection gateway for use in subsequent authorization 

3 processes relating to the subscriber. 

5 
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1 12. (Canceled) 



1 
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1 3. (Currently Amended) A method of automatically subscribing a subscriber to a 

telecommunications service based on sub s crib e r information trad servic e information 
that are stored in a directory repository, the method comprising the computer- 
implemented steps of: 

receiving a request from the subscriber to obtain a list of available 
telecommunications services; 

generating a list of only those telecommunications services for which the subscriber 
has [[a]] privileges to subscribe to, based on privilege information and service 
information that is stored in the directory repository and associated with the 
subscriber, said privilege information associated with the subscriber 
specifying what telecommunications services the subscriber has privileges to 
subscribe to; 

receiving a subscriber selection of one of the telecommunications services from the 

generated list of telecommunications services; 
verifying that the subscriber has privileges that permit the subscriber to subscribe to 

the selected telecommunications service; 
creating and storing updated subscription information in the directory repository; 
generating a request to subscribe the subscriber to the selected telecommunications 

service based on the updated subscription information. 



1 

2 
3 
4 

5 



14. 



(Previously Presented) A method as recited in Claim 13, wherein said privilege 
information associated with the subscriber is comprised of a privilege token for the 
subscriber that identifies a role of the subscriber, wherein the privileges of the 
subscriber to subscribe to a telecommunications service is determined by the role in 
the privilege token for the subscriber. 



1 
2 



15. 



(Currently Amended) A method as recited in Claim 13, wherein generating [[a]] the 
list of only those telecommunications services for which the subscriber has [[a]] 
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3 privileges to subscribe to includes the step of generating and providing to the 

4 subscriber a custom display page that identifies only those telecommunications 

5 services for which the subscriber has [[a]] privileges to subscribe to. 

1 1 6. (Previously Presented) A computer-readable medium carrying one or more sequences 

2 of instructions for modifying a subscription of a subscriber to one or more 

3 telecommunications services based on subscriber information and service information 

4 that are stored in a directory repository, which instructions, when executed by one or 

5 more processors, cause the one or more processors to carry out the steps of: 

6 determining whether the subscriber is currently logged in, and if the subscriber is not 

7 currently logged in, directing the subscriber to log in through an 

8 authentication server and generating, by an authorization service, a privilege 

9 token associated with the authenticated subscriber that includes subscriber 

10 privilege information, wherein said authorization service is separate from said 

1 1 authentication server; 

1 2 receiving a modification request to modify the subscription of the subscriber to the 

1 3 one or more telecommunications services; 

14 detennining, based on subscriber privilege information in the privilege token 

1 5 associated with the subscriber generated by the authorization service, whether 

1 6 the subscriber has privileges sufficient to carry out the requested modification; 

17 if the subscriber is determined to have sufficient privileges, the one or more 

1 8 sequences of instructions which, when executed, further cause the one or more 

1 9 processors to carry out the steps of: 

20 receiving, from the directory repository, first subscriber information and first 

2 1 service information representing only such services for which the 

22 subscriber is then currently subscribed; 

23 modifying the first subscriber information and first service information to 

24 reflect the modification; 

25 sending the modified information to the directory repository, resulting in 

26 creating and storing, in the directory repository, second service 

27 information that reflects the modification; 
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28 generating an engagement request to engage the telecommunications service 

29 for the subscriber in order to fulfill the modification request. 

1 1 7. (Previously Presented) An apparatus for modifying a subscription of a subscriber to 

2 one or more telecommunications services based on subscriber information and service 

3 information that are stored in a directory repository, comprising: 

4 means for determining whether the subscriber is currently logged in, and if the 

5 subscriber is not currently logged in, means for directing the subscriber to log 

6 in through an authentication server and means for generating a privilege token 

7 associated with the authenticated subscriber by an authorization service, said 

8 privilege token including subscriber privilege information, wherein said 

9 authorization service is separate from said authentication server; 

1 0 means for receiving a modification request to modify the subscription of the 

1 1 subscriber to the one or more telecommunications services; 

12 means for determining, based on subscriber privilege information in the privilege 

1 3 token associated with the subscriber generated by the authorization service, 

14 whether the subscriber has privileges sufficient to cairy out the requested 

15 modification; 

16 means for receiving, from the directory repository, first subscriber information and 

1 7 first service information representing only such services for which the 

1 8 subscriber is then currently subscribed; 

19 means for modifying the first subscriber information and first service information to 

20 reflect the modification; 

21 means for sending the modified information to the directory repository, resulting in 

22 creating and storing, in the directory repository, second service information 

23 that reflects the modification; 

24 means for generating an engagement request to engage the telecommunications 

25 service for the subscriber in order to fulfill the modification request. 
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1 1 8, (Previously Presented) An apparatus for modifying a subscription of a subscriber to 

2 one or more telecommunications services based on subscriber information and service 

3 information that are stored in a directory repository, comprising: 

4 a network interface that is coupled to a data network that includes the directory 

5 repository for receiving information therefrom; 

6 a processor; 

7 one or more stored sequences of instructions which, when executed by the processor, 

8 cause the processor to carry out the steps of: 

9 determining whether the subscriber is currently logged in, and if the 

1 0 subscriber is not currently logged in, directing the subscriber to log in 

1 1 through an authentication server and generating, by an authorization 

12 service, a privilege token associated with the authenticated subscriber 

1 3 that includes subscriber privilege information, wherein said 

14 authorization service is separate from said authentication server; 

1 5 receiving a modification request to modify the subscription of the subscriber 

16 to the one or more telecommunications services; 

1 7 determining, based on subscriber privilege information in the privilege token 

1 8 associated with the subscriber that is generated by the authorization 

1 9 service, whether the subscriber has privileges sufficient to carry out 

20 the requested modification; 

21 if the subscriber is determined to have sufficient privileges, the one or more 

22 sequences of instructions which, when executed, further cause the 

23 processor to: 

24 receiving, from the directory repository, first subscriber information 

25 and first service infonnation representing only such services 

26 for which the subscriber is then currently subscribed; 

27 modifying the first subscriber information and first service information 

28 to reflect the modification; 
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29 sending the modified information to the directory repository, resulting 

30 in creating and storing, in the directory repository, second 

3 1 service information that reflects the modification; 

32 generating an engagement request to engage the telecommunications 

33 service for the subscriber in order to fulfill the modification 

34 request. 

1 1 9. (Currently Amended) A method of modifying a subscription of a subscriber to a 

2 telecommunications service based on information stored in a directory repository, the 

3 method comprising the computer-implemented steps of: 

4 receiving a request to identify one or more services to which [[a] J the subscriber is 

5 subscribed, based on a prior request to modify the subscription of the 

6 subscriber to the telecommunications service; 

7 generating a list of the one or more services to which the subscriber is currently 

8 subscribed, based on group membership of the subscriber, one or more roles 

9 occupied by the subscriber, and authorization information associated with the 

10 subscriber that is stored in the directory repository, wherein said one or more 

1 1 roles are mapped to one or more privileges that specify which 

12 telecommunications services a subscriber having that role can subscribe to; 

1 3 generating individual service information for each of the one or more services in the 

14 list, based on subscriber information and service information that is stored in 

1 5 the directory repository, for use in automatically subscribing the subscriber to 

1 6 a service that is represented by the individual service information. 

1 20, (Currently Amended) A computer-readable medium carrying one or more sequences 

2 of instructions for modifying a subscription of a subscriber to a telecommunications 

3 service based on subscriber information and s e rvice information that aro stored in a 

4 directory repository, which instructions, when executed by one or more processors, 

5 cause the one or more processors to carry out the steps of: 

10 
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receiving a request to identify one or more services to which [[a]] the subscriber is 
subscribed, based on a prior request to modify the subscription of the 
subscriber to the telecommunications service; 
generating a list of the one or more services to which the subscriber is currently 

subscribed, based on group membership of the subscriber, one or more roles 
occupied by the subscriber, and authorization information associated with the 
subscriber that is stored in the directory repository, wherein said one or more 
roles are mapped to one or more privileges that specify which 
telecommunications services a subscriber having that role can subscribe to; 
generating individual service information for each of the one or more services in the 
list, based on subscriber information and service information that is stored in 
the directory repository, for use in automatically subscribing the subscriber to 
a service that is represented by the individual service information. 



1 21. (Currently Amended) An apparatus for modifying a subscription of a subscriber to a 

2 telecommunications service based on flubcoribor information and servic e information 

3 that ar e stored in a directory repository, comprising: 

4 means for receiving a request to identify one or more services to which f[a]] the 

5 subscriber is subscribed, based on a prior request to modify the subscription of 

6 the subscriber to the telecommunications service; 

7 means for generating a list of the one or more services to which the subscriber is 

8 currently subscribed, based on group membership of the subscriber, one or 

9 more roles occupied by the subscriber, and authorization information 

1 0 associated with the subscriber that is stored in the directory repository, 

1 1 wherein said one or more roles are mapped to one or more privileges that 

1 2 specify which telecommunications services a subscriber having that role can 

13 subscribe to; 



means for generating individual service information for each of the one or more 

services in the list, based on subscriber information and service information 
that is stored in the directory repository, for use in automatically subscribing 



6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
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17 the subscriber to a service that is represented by the individual service 

18 information. 

1 22. (Currently Amended) An apparatus for modifying a subscription of a subscriber to a 

2 telecommunications service based on subscriber information and oorvioo information 

3 &afc-afe stored in a directory repository, comprising: 

4 a directory-enabled service selection framework that is coupled to the directory 

5 repository for receiving stored information therefrom; 

6 a processor; 

7 one or more stored sequences of instructions in the framework which, when executed 

8 by the processor, cause the processor to carry out the steps of: 

9 receiving a request to identify one or more services to which [[a]] the 

10 subscriber is subscribed, based on a prior request to modify the 

1 1 subscription of the subscriber to the telecommunications service; 

12 generating a list of the one or more services to which the subscriber is 

13 currently subscribed, based on group membership of the subscriber, 

14 one or more roles occupied by the subscriber, and authorization 

1 5 information associated with the subscriber that is stored in the 

1 6 directory repository, wherein said one or more roles are mapped to one 

1 7 or more privileges that specify which telecommunications services a 

1 8 subscriber having that role can subscribe to; 

1 9 generating individual service information for each of the one or more services 

20 in the list, based on subscriber information and service information 

2 1 that is stored in the directory repository, for use in automatically 

22 subscribing the subscriber to a service that is represented by the 

23 individual service information. 

1 23. (New) An apparatus for modifying subscriptions of a group of subscribers to one or 

2 more telecommunications services based on infonnation stored in a directory 

3 repository, comprising: 



12 
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4 a network interface that is coupled to a data network that includes the directory 

5 repository for receiving information therefrom; 

6 a processor; and 

7 one or more stored sequences of instructions which, when executed by the processor, 

8 cause: 

9 receiving from an administrator of the group, a request to modify the 

10 subscriptions of the group of subscribers to the one or more 

1 1 telecommunications services; 

12 determining, based on subscriber privilege information in a privilege token 

1 3 that is associated with the administrator and is generated by an 

14 authorization service, whether the administrator has privileges 

15 sufficient to carry out the requested modification; and 

16 if the administrator is determined to have sufficient privileges, then 

17 performing the steps of: 

1 8 receiving, from the directory repository, current subscriber information 

19 and current service information representing then-current 

20 services to which the group of subscribers are subscribed; 

21 modifying the subscriber information and the service information to 

22 reflect the modifications, resulting in creating and storing, in 

23 the directory repository, updated service information that 

24 reflects the modifications; and 

25 generating one or more requests to subscribe a telecommunications 

26 service to the group of subscribers to fulfill the request of the 

27 administrator. 

1 24. (New) An apparatus as recited in Claim 23, wherein the group of subscribers is 

2 defined explicitly by creating and storing a named group that contains one or more 

3 subscribers as group members, 

1 25. (New) An apparatus as recited in Claim 23, wherein the group of subscribers is 



defined implicitly such that the group comprises one or more subscribers in an object 
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3 tree of the directory repository who are subordinate in the tree to a container node of 

4 the tree. 

1 26. (New) An apparatus as recited in Claim 23, wherein the one or more stored sequences 

2 of instructions further comprise instructions which, when executed by the processor 

3 cause subscribing one of the subscribers in the group to the telecommunications 

4 service by creating and storing a relation of a subscriber object that pro grammatically 

5 represents the subscriber to a service object that programmaticaUy represents the 

6 telecommunications service, and creating and storing one or more attribute values in 

7 the relation, wherein the attribute values define the subscription, 

1 27. (New) An apparatus for modifying subscriptions of a group of subscribers to one or 

2 more telecommunications services based on information stored in a directory 

3 repository, comprising: 

4 means for receiving from an administrator of the group, a request to modify the 

5 subscriptions of the group of subscribers to the one or more 

6 telecommunications services; 

7 means for determining, based on subscriber privilege information in a privilege token 

8 that is associated with the administrator and is generated by an authorization 

9 service, whether the administrator has privileges sufficient to carry out the 

1 0 requested modification; 

1 1 means for receiving, from the directory repository, current subscriber information and 

1 2 current service information representing then-current services to which the 

1 3 group of subscribers are subscribed; 

14 means for modifying the subscriber information and the service information to reflect 

15 the modifications, resulting in creating and storing, in the directory repository, 

1 6 updated service information that reflects the modifications; and 

1 7 means for generating one or more requests to subscribe a telecommunications service 

18 to the group of subscribers to fulfill the request of the administrator. 

14 
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1 28. (New) An apparatus as recited in Claim 27, wherein the group of subscribers is 

2 defined explicitly by creating and storing a named group that contains one or more 

3 subscribers as group members. 

1 29. (New) An apparatus as recited in Claim 27, wherein the group of subscribers is 

2 defined implicitly such that the group comprises one or more subscribers in an object 

3 tree of the directory repository who are subordinate in the tree to a container node of 

4 the tree. 

1 30, (New) An apparatus as recited in Claim 27, further comprising means for subscribing 

2 one of the subscribers in the group to the service by creating and storing a relation of 

3 a subscriber object that programmatically represents the subscriber to a service object 

4 that programmatically represents the service, and means for creating and storing one 

5 or more attribute values in the relation, wherein the attribute values define the 

6 subscription. 

1 31. (New) An apparatus forautomatically logging in a subscriber to all 

2 telecommunications services subscribed to by the subscriber based on subscriber 

3 information and service information that are stored in a directory repository, 

4 comprising: 

5 a network interface that is coupled to a data network that includes the directory 

6 repository for receiving information therefrom; 

7 a processor; and 

8 one or more stored sequences of instructions which, when executed by the processor, 

9 cause: 

1 0 receiving a request from the subscriber to log in to the telecommunications 

1 1 services; 

1 2 authenticating the subscriber by an authentication server, 

1 3 generating a privilege token associated with the subscriber by an authorization 

1 4 v service, said privilege token including subscriber privilege 

15 
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15 information, wherein said authorization service is separate from said 

16 authentication server; 

17 detennining whether the subscriber is allowed to automatically log into the 

1 8 telecommunication services, said determination based on subscriber 

1 9 privilege information in the privilege token associated with the 

20 subscriber; and 

21 if the subscriber is allowed to automatically log into the telecommunications 

22 services, receiving, from the directory repository, a list of all services 

23 for which the subscriber is then currently subscribed, and 

24 automatically logging the subscriber into all services identified in the 

25 list. 

1 32. (New) An apparatus as recited in Claim 31, wherein the instructions that cause 

2 automatically logging the subscriber into all services identified in the list further 

3 comprise instructions which, when executed by the processor, cause for each of the 

4 services identified in the list: 

5 obtaining service information that describes the services from the directory 

6 repository; and 

7 creating and storing a relation between a service object in the directory repository that 

8 uniquely identifies and represents each of the services and privileges of the 

9 subscriber, and a subscriber object that uniquely represents the subscriber, 

1 33. (New) An apparatus as recited in Claim 31, wherein the one or more stored sequences 

2 of instructions further comprise instructions which, when executed by the processors, 

3 cause storing the privilege token in a service selection gateway for use in subsequent 

4 authorization processes relating to the subscriber. 

1 34. (New) An apparatus for automatically logging in a subscriber to all 

2 telecommunications services subscribed to by the subscriber based on subscriber 

3 information and service information that are stored in a directory repository, 

4 comprising: 

16 
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5 means for receiving a request from the subscriber to log in to the telecommunications 

6 services; 

7 means for authenticating the subscriber by an authentication server; 

8 means for generating a privilege token associated with the subscriber by an 

9 authorization service, said privilege token including subscriber privilege 

1 0 information, wherein said authorization service is separate from said 

1 1 authentication server; 

1 2 means for determining whether the subscriber is allowed to automatically log into the 

1 3 telecommunication services, said determination based on subscriber privilege 

14 information in the privilege token associated with the subscriber; and 

15 means for receiving, from the directory repository, a list of all services for which the 

16 subscriber is then currently subscribed when the subscriber is allowed to 

1 7 automatically log into the telecommunications services, and means for 

1 8 automatically logging the subscriber into all services identified in the list, 

1 35. (New) An apparatus as recited in Claim 34, wherein the means for automatically 

2 logging the subscriber into all services identified in the list comprises: 

3 means for obtaining service information that describes the services from the directory 

4 repository for each of the services identified in the list; and 

5 means for creating and storing a relation between a service object in the directory 

6 repository that uniquely identifies and represents each of the services and 

7 privileges of the subscriber, and a subscriber object that uniquely represents 

8 the subscriber. 

1 36. (New) An apparatus as recited in Claim 34, further comprising means for storing the 

2 privilege token in a service selection gateway for use in subsequent authorization 

3 processes relating to the subscriber. 

1 37. (New) An apparatus for automatically subscribing a subscriber to a 

2 telecommunications service based on information stored in a directory repository, 

3 comprising: 
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4 a network interface that is coupled to a data network that includes the directory 

5 repository for receiving information therefrom; 

6 a processor; and 

7 one or more stored sequences of instructions which, when executed hy the processor, 

8 cause: 

9 receiving a request from the subscriber to obtain a list of available 

10 telecommunications services; 

1 1 generating a list of only those telecommunications services for which the 

1 2 subscriber has privileges to subscribe to, based on privilege 

1 3 information and service information that is stored in the directory 

14 repository and is associated with the subscriber, said privilege 

1 5 information associated with the subscriber specifying what 

1 6 telecommunications services the subscriber has privileges to subscribe 

17 to; 

1 8 receiving a subscriber selection of one of the telecommunications services 
1 9 ' from the generated list of telecommunications services; 

20 verifying that the subscriber has privileges that permit the subscriber to 

21 subscribe to the selected telecommunications service; 

22 creating and storing updated subscription information in the directory 

23 repository; and 

24 generating a request to subscribe the subscriber to the selected 

25 telecommunications service based on the updated subscription 

26 information. 



1 38. (New) An apparatus as recited in Claim 37, wherein said privilege information 

2 associated with the subscriber comprises a privilege token for the subscriber that 

3 identifies a role of the subscriber, wherein the privileges of the subscriber to subscribe 

4 to a telecommunications service is determined by the role in the privilege token for 

5 the subscriber. 
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1 39. (New) An apparatus as recited in Claim 37, wherein the instructions that cause 

2 generating the list of only those telecommunications services for which the subscriber 

3 has privileges to subscribe to include instructions which, when executed by the 

4 processor, cause generating and providing to the subscriber a custom display page 

5 that identifies only those telecommunications services for which the subscriber has 

6 privileges to subscribe to. 

1 40. (New) An apparatus for automatically subscribing a subscriber to a 

2 telecommunications service based on information stored in a directory repository, 

3 comprising: 

4 means for receiving a request from the subscriber to obtain a list of available 

5 telecommunications services; 

6 means for generating a list of only those telecommunications services for which the 

7 subscriber has privileges to subscribe to, based on privilege information and 

8 service information that is stored in the directory repository and is associated 

9 with the subscriber, said privilege information associated with the subscriber 

1 0 specifying what telecommunications services the subscriber has privileges to 

1 1 subscribe to; 

1 2 means for receiving a subscriber selection of one of the telecommunications services 

13 from the generated list of telecommunications services; 

14 means for verifying that the subscriber has privileges that permit the subscriber to 

1 5 subscribe to the selected telecommunications service; 

16 means for creating and storing updated subscription information in the directory 

17 repository, and 

1 8 means for generating a request to subscribe the subscriber to the selected 

1 9 telecommunications service based on the updated subscription information, 

1 41. (New) An apparatus as recited in Claim 40, wherein said privilege information 

2 associated with the subscriber comprises a privilege token for the subscriber that 

3 identifies a role of the subscriber, wherein the privileges of the subscriber to subscribe 

19 
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4 to a telecommunications service is determined by the role in the privilege token for 

5 the subscriber. 

1 42. (New) An apparatus as recited in Claim 40, wherein the means for generating the list 

2 of only those telecommunications services for which the subscriber has privileges to 

3 subscribe to includes means for generating and providing to the subscriber a custom 

4 display page that identifies only those telecommunications services for which the 

5 subscriber has privileges to subscribe to. 

1 43. (New) An apparatus as recited in Claim 1 7, wherein the means for generating the 

2 privilege token by the authorization service comprise: 

3 means for receiving a user name associated with the subscriber and mapping the user 

4 name to a distinguished name in the directory repository; and 

5 means for creating and storing as subscriber privilege information in the privilege 

6 token one or more roles occupied by the subscriber based on role information 

7 that is stored in the directory repository, said stored role information including 

8 mapping information that maps a role to one or more privileges that specify 

9 which telecommunications services a subscriber having that role can subscribe 
10 to. 

1 44, (New) An apparatus as recited in Claim 1 7, wherein the means for determining 

2 whether the subscriber is currently logged in comprise means for determining 

3 whether a host object that uniquely identifies the subscriber exists, wherein the 

4 privilege token associated with the subscriber is stored with the host object that 

5 uniquely identifies the subscriber. 

1 45, (New) An apparatus as recited in Claim 17, wherein the means for generating the 

2 engagement request comprise means for subscribing the subscriber to the service by 

3 creating and storing a relation of a subscriber object that programmatically represents 

4 the subscriber to a service object that programmatically represents the service, and 
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5 creating and storing one or more attribute values in the relation, wherein the attribute 

6 values define the subscription. 

1 46. (New) An apparatus as recited in Claim 18, wherein the instructions that cause 

2 generating the privilege token by the authorization service comprise: 

3 instructions which, when executed by the processor, cause receiving a user name 

4 associated with the subscriber and mapping the user name to a distinguished 

5 name in the directory repository; and 

6 instructions which, when executed by the processor, cause creating and storing as 

7 subscriber privilege information in the privilege token one or more roles 

8 occupied by the subscriber based on role information that is stored in the 

9 directory repository, said stored role information including mapping 

1 0 information that maps a role to one or more privileges that specify which 

1 1 telecommunications services a subscriber having that role can subscribe to. 

1 47. (New) An apparatus as recited in Claim 1 8, wherein the instructions that cause 

2 determining whether the subscriber is currently logged in comprise instructions 

3 which, when executed by the processor, cause determining whether a host object that 

4 uniquely identifies the subscriber exists, wherein the privilege token associated with 

5 the subscriber is stored with the host object that uniquely identifies the subscriber. 

1 48. (New) An apparatus as recited in Claim 1 8, wherein the instructions that cause 

2 generating an engagement request comprise instructions which, when executed by the 

3 processor, cause subscribing the subscriber to the service by creating and storing a 

4 relation of a subscriber object that programmatically represents the subscriber to a 

5 service object that programmatically represents the service, and creating and storing 

6 one or more attribute values in the relation, wherein the attribute values define the 

7 subscription. 
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